Another Fake Google Domain: fonts.googlesapi.com

Another Fake Google Domain: fonts.googlesapi.com

Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye. The malicious domain was abusing the URL shortener service is.gd: shortened URLs ...
Vulnerable Versions of Adminer as a Universal Infection Vector

Vulnerable Versions of Adminer as a Universal Infection Vector

This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and ...
Fake Human Verification Spam

Fake Human Verification Spam

We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019. One of these newly targeted plugins was Advanced Booking Calendar ...
Fake Human Verification Spam

Fake Human Verification Spam

We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019. One of these newly targeted plugins was Advanced Booking Calendar ...
How Domain Expiration Can Potentially Disrupt Other Websites

How Domain Expiration Can Potentially Disrupt Other Websites

A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page. This irritating pop-up didn’t come ...
Lightbox Adware – From Innocent Scripts to Malicious Redirects

Lightbox Adware – From Innocent Scripts to Malicious Redirects

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if other scripts ...
From .tk Redirects to PushKa Browser Notification Scam

From .tk Redirects to PushKa Browser Notification Scam

In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago) found in ...
Free SuperCounters Widget Serves Unwanted Redirects to Dating Site

Free SuperCounters Widget Serves Unwanted Redirects to Dating Site

If we navigate way back into the recesses of our memory to the era of GeoCities websites and MySpace pages, we might distinctly recollect the popularity of the visitor-counting widget. Commonly displayed ...
Free Website Malware Scanner Sucuri Sitecheck

A Scam-Free Cyber Monday for Online Businesses

Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday and Cyber Monday campaigns, hackers are in ...
Saskmade[.]net Redirects

Saskmade[.]net Redirects

Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same week, we started detecting new modifications of the scripts ...
Loading...